US20140137269A1 - Requesting access to restricted objects by a remote computer - Google Patents
Requesting access to restricted objects by a remote computer Download PDFInfo
- Publication number
- US20140137269A1 US20140137269A1 US14/160,603 US201414160603A US2014137269A1 US 20140137269 A1 US20140137269 A1 US 20140137269A1 US 201414160603 A US201414160603 A US 201414160603A US 2014137269 A1 US2014137269 A1 US 2014137269A1
- Authority
- US
- United States
- Prior art keywords
- owner
- computerized system
- program
- user
- enterprise
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
Definitions
- the present disclosure generally relates to requesting access rights to files, and more specifically to requesting access rights to files in an organization enterprise.
- One exemplary embodiment of the disclosed subject matter is a method for requesting access rights for an object of a computerized system, comprising invoking in a remote computer linkable to the computerized system an add-on program configured for notifying an owner of the object of the computerized system according to received contact data of the owner of the object, thereby requesting from the owner of the object access rights to the object independently of the computerized system.
- Another exemplary embodiment of the disclosed subject matter is an apparatus for requesting access rights for an object, comprising a computerized system having a storage and storing at least one object and contact data of an owner of the at least one object, and further comprising a first communication facility by which data related to the at least one object is providable to devices external to the computerized system, and an at least one computer comprising a second communication facility for linking with the computerized system, and further having an add-on program installed therein that is configured for notifying, independently of the computerized system, the owner of the at least one object with a request for access rights for the at least one object based on the contact data of the owner of the at least one object as provided by the computerized system.
- the term ‘enterprise’ implies a computerized system comprising a plurality of computers communicating therebetween and having and/or sharing a data storage, where the enterprise is also referred to as a ‘computerized system’ and the data storage also referred to as a ‘storage’.
- the communications between the computes may be direct and/or indirect.
- the data storage comprises one or more data storage devices.
- an enterprise comprises several computers in a range between about 10 computers and about 1000 computers or more.
- an enterprise comprises less than 10 computers, not precluding having one computer as, for example, a mainframe computer.
- object implies a data object, such as a file or a folder, stored on the storage of the enterprise and also referred to as an object of the enterprise.
- the term ‘user’ or ‘operator’ implies a person, and/or a program operating on behalf of the person, that uses a resource of an enterprise, such as a computer of the enterprise or a remote computer linkable and/or linked by communication to the enterprise such as by a computer thereof.
- the linkable and/or linked computer is generally referred to as a ‘client computer’ or a ‘remote computer.
- a user or operator is also referred to as user of the enterprise or operator of the enterprise, respectively.
- access right or ‘rights’ or ‘sufficient rights’ imply authorization for a user to access an object of an enterprise, whereas insufficient rights imply not having an authorization to access the object such as for opening or reaching the object for viewing.
- permissions implies any kind of authorization including, possibly, sufficient and/or insufficient rights.
- the authorization or permissions, and/or other properties of objects are set by the management or administration of the enterprise and/or by owners of objects of the enterprise and/or by operators with special high level authorization, also known as super-users or administrators.
- the term ‘owner’ of an object implies a user that has authority and/or access rights to an object so that he or she may grant or authorize access to the object to users not having sufficient rights for the object.
- a person and/or a program and/or any entity operative or operating on behalf on an owner of an object and authorized to grant rights to the object is also considered or regarded as the owner.
- the access may be granted on an ad-hoc basis or any other basis such as time-limited, user dependent of permanently.
- FIG. 1A schematically illustrates an enterprise comprising one or more computers, illustrated as three computers representing any number of computers, according to exemplary embodiments of the disclosed subject matter;
- FIG. 1B schematically illustrates the enterprise of FIG. 1A with a remote computer linked to the enterprise, according to exemplary embodiments of the disclosed subject matter;
- FIG. 2 schematically illustrates a display of a tree structure of objects in an enterprise accompanied by a pop-up dialog for rights request, according to exemplary embodiments of the disclosed subject matter
- FIG. 3A outlines operations for requesting access rights for an object for which a user does not have access rights, according to exemplary embodiments of the disclosed subject matter
- FIG. 3B outlines operations by a user requesting access rights for and object for which the user does not have access rights, according to exemplary embodiments of the disclosed subject matter
- FIG. 4A outlines operations for requesting by a remote computer access rights for an object for which a user does not have access rights, according to exemplary embodiments of the disclosed subject matter.
- FIG. 4B outlines some elaboration on the operations of FIG. 4A , according to exemplary embodiments of the disclosed subject matter.
- One technical problem dealt by the disclosed subject matter is handily requesting access rights to an object of an enterprise responsive to encountering the object for which a user does not have access rights, which for brevity is also referred to herein, without limiting, as a ‘forbidden object’ or a ‘restricted object’.
- One technical solution according to the disclosed subject matter is a computer operating a program configured to present, such as on a display device, a presentation structure adapted for requesting access rights to an object upon triggering or activation a forbidden object.
- the presentation structure or a component of a user-interface or a graphical-user-interface such as a dialog-box, a form, or any other presentation structure such as a button.
- GUI graphical-user-interface
- the presentations structure is also referred to a ‘dialog’ or a ‘pop-up dialog’.
- the dialog is formed such that the user can accept the dialog, for example, by clicking on an ‘OK’ button in the dialog, or by any other way such as double-click on the dialog.
- the owner of the object Responsive to accepting the dialog, the owner of the object is notified such a by sending an email to the owner, and, consequently, the owner may grant access rights for the objects to the user.
- a potential technical effect of the disclosed subject matter is a convenient handy method for automatically requesting access rights for a forbidden object in an enterprise responsive to browsing objects of the enterprise.
- one or more programs and/or software modules are configured to retrieve contact data of the owner of the forbidden object, such as email address of telephone number, and automatically send a request for accessing the forbidden object to the owner of the forbidden object.
- the code and/or functionality thereof is modified for enabling a client computer to handle requesting of permissions as described below.
- contact data or contact details of an owner of an object may comprise one item such as an email address or a telephone number, or also a plurality of such items.
- a program and/or application and/or a file-system of the enterprise is adapted by the code which associates objects with contact data of an owner thereof and further, optionally, with one or more other information such as identification of the object.
- objects of the enterprise are related to owners thereof and their respective contact information such as by one or more data structures as part of the administrative data maintained in the enterprise, such as an index or a database, collectively referred to also as an index. Accordingly, the association or relationship of a forbidden object with contact information of the owner is based on querying or retrieving elements of the index.
- the enterprise when the user operates a client computer to locate objects and/or to access objects of the enterprise, such as files, the enterprise provides to the client computer references or denotations of objects which can be used to refer to the objects and/or access the objects, at least in principle. For example, links to the objects, unique names or identifications of the objects, or any other technique for identifying and accessing the objects such as addresses of the objects, not precluding objects or parts thereof.
- the objects may be located in the enterprise or parts thereof by searching for objects, browsing in the enterprise or by any method of the art, for example, by exploring a directory of the enterprise.
- the client computer lists presentations of the objects such as by symbols or icons, or titles or names of the objects, or a part of the content of the objects, collectively referred to as presentations or representations of the objects.
- referring to a presented object or a presentation thereof implies also a link to the object, such as by a symbol that embeds a link to the object.
- An object is activated for access by triggering or activation a representation of the objects. For example, by pointing at the presented object and double-clicking, or touching a finger on a touch-screen, or clicking with a dedicated mouse button, for example, a right button, or using a combination of keyboard key and a mouse button such as ‘alt/left-button’, or by any suitable action such a distinct hand motion in screens having a sensor or camera such as in smartphones.
- activation of an object involves two or more stages, for example, responsive to triggering a representation of an object a dialog is presented to the user, for example, as a pop-up dialog, for effecting and/or accepting the activation such as by an ‘Enter’ key. In some embodiments, however, activation of the object is performed automatically without having to accept a dialog.
- data or metadata of the object is presented, such as such as the full path of the object, or permissions thereof or the owner of the object, either along with the presentations of the objects or pursuant to activation of representations of the objects.
- the object in the enterprise may be accessed. Otherwise, in case the object is not accessible to the user, such as by lack of permission, using the code installed in the enterprise the owner is automatically informed or notified that the user requests access rights to the object, without the user having to perform the chores of locating the owner and identifying the object and requesting the access rights to the object.
- the owner of the object is notified, such as by sending an email to the owner or by any other method such as SMS, Instant Messaging, or a telephone call.
- the owner grants the user access rights to the forbidden object by email or any other method such as SMS, Instant Messaging or by releasing the forbidden object via the enterprise facilities for access by the user, optionally for a certain time period and, optionally, notifying the user to that effect.
- the duty or task of notifying the owner is delegated to or based in the client computer, thereby relieving the enterprise which generally is occupied with multitude of tasks, from additional or non-essential and/or excessive load.
- the code and/or operation thereof in the enterprise is modified such as to provide to the client computer only the owner contact details and to load or transfer to the client computer an add-on program configured to enable the client computer to request permission from an owner of a forbidden object.
- transferring contact details of an object and an add-on code to the client computer poses or constitutes a smaller load on the enterprise relative to having to handle requests for permissions.
- the enterprise transferred the add-on program to a client computer an indication for that effect may be generated, so that no further download of the add-on program to that client computer is required.
- the code of the enterprise merely transfers the contact details of the owner of the object to the client computer and, optionally, if still required, downloads the add-on program to the client computer.
- the code of the enterprise transfers the contact details of the owner of the object to the client computer and, optionally, if still required, the add-on program only responsive to activation of a forbidden object, thereby further reducing the load on the enterprise in case the object was not activated.
- the client computer requests the enterprise for the contact details of the owner of the object and the enterprise, as part of the activities thereof, provides the contact details to the client computer along with add-on program if still required.
- the code of the enterprise transfers the add-on program to the client computer, if still required, when the client computer links with the enterprise as, for example, sensed by the code of the enterprise and/or any other component thereof.
- the client computer obtains and installs the add-on program by other circumstances, for example, by a provided storage medium such as a USB device or by communication with a supplier on behalf of the enterprise, thus the client computer is not necessarily linked to the enterprise for obtaining the add-on program.
- the add-on program in the client computer is invoked and sends the request for permission to the owner of the object, such as described above.
- the code in the enterprise is tunable or adjustable such as to operate in different manners according to some circumstances and/or settings. For example, in case the enterprise decides or instructed not to provide contact details of an owner of an object, even anonymously, then the code sends the request to the owner even if the client computer comprises the add-on program. As another example, the code operating in the enterprise may be advised or sense that the enterprise is overloaded such as above a limit, and consequently the code delegates the task of notifying owners to the client computer as described above.
- code and add-on program are designate as such for brevity and clarity, whereas in principle the code and add-on program may be of the same nature.
- the code is installed on one or more computers or servers of the enterprise as an add-on code.
- the code and/or the add-on program are installed or integrated for operation in the enterprise or the client computer, respectively, as known in the art such as by a mechanism of a plug-in or a script.
- a mechanism of a plug-in or a script For example, as a Flash (Adobe Inc) or a JavaScript (Oracle Inc.) or an ActiveX (Microsoft Inc.).
- FIG. 1A schematically illustrates an enterprise 100 , designated by a dotted frame 110 , comprising one or more computers, illustrated as three instances of a computer 104 , representing any number of computer 104 , as indicated by dashed lines 114 .
- Enterprise 100 further comprises one or more data storage devices, illustrated as two instances of a data storage device 102 , representing any number of data storage device 102 , as indicated by dashed lines 112 .
- Data storage device 102 generally stores objects or data entities such as files or database records or users definitions or similar elements collectively referred to also as objects.
- Data storage device 102 optionally stored an index or part thereof of enterprise 100 .
- Enterprise 100 is configured to provide or transfer to devices external to enterprise 100 by communications facilities comprised therein objects thereof and/or data related to objects thereof, such as references to objects, and/or other data related to objects thereof such as data obtained from an index of enterprise 100 .
- the instances of computer 104 are connected or linked or coupled therebetween and to the instances of data storage device 102 , the connection or linkage illustrated and represented by a network 106 .
- one or more of computer 104 stands for or operate as a server of enterprise 100 .
- FIG. 1B schematically illustrates enterprise 100 with a client computer 120 linked to enterprise 100 , representing any number of client computer 120 .
- Client computer 120 is connected or linked to enterprise 100 by any communication facility or facilities comprised in enterprise 100 and/or client computer 120 as illustrated schematically by a double-ended arrow 124 representing also a two-directional data flow between enterprise 100 and client computer 120 .
- client computer 120 is linkable with enterprise 100 via network 106 and/or one of computer 104 ,
- Client computer 120 comprises an add-on program, schematically illustrated as a program 122 , configured for and operative for requesting permission from an owner of a forbidden object, such as described above, for example, by a transfer from enterprise 100 initiated by enterprise 100 and/or client computer 120 .
- a program 122 configured for and operative for requesting permission from an owner of a forbidden object, such as described above, for example, by a transfer from enterprise 100 initiated by enterprise 100 and/or client computer 120 .
- FIG. 2 schematically illustrates a display or representations of a tree structure 200 of objects in an enterprise, such as enterprise 100 , accompanied by a pop-up dialog 210 for rights request, according to exemplary embodiments of the disclosed subject matter.
- the dashed lines in tree structure 200 indicate some, if any, continuation of the tree structure.
- the display is presented on a screen of a remote computer such as, for example, client computer 120 , usually though not necessarily responsive to a search in the enterprise launched by the remote computer.
- a user browsing the enterprise or searching therein such as in a server 212 denoted as ‘Admin’, may encounter a forbidden object 202 , denoted as a file or folder ‘xyz’.
- forbidden object 202 for which the user does not have access rights.
- the user has to request access rights from the owner of forbidden object 202 , not necessarily knowing who the owner is and/or how to contact the owner.
- the user may activate or trigger forbidden object 202 , such as by pointing with a mouse on forbidden object 202 and pressing right-button, and a pop-up dialog 210 is presented.
- Pop-up dialog 210 comprises object identification 204 of forbidden object 202 , and, optionally, also name 206 of the owner of forbidden object 202 .
- the user may accept the request by activating a button 208 , denoted as ‘Accept’, such as by double-click on button 208 and/or pressing ‘Enter’ key. Having accepted the request, pop-up dialog 210 disappears.
- the owner such as ‘IT Manager’, receives a notification that the user has requested access to forbidden object 202 , and the owner may provide the access rights for forbidden object 202 to the user.
- providing and/or sending a notification to the owner is carried out by the enterprise such as enterprise 100 by employing a code installed therein.
- providing and/or sending a notification to the owner is carried out by an add-on program such as program 122 installed in client computer 120 based on contact data of the owner as provided by the enterprise.
- forbidden object 202 instead of and/or in addition to object identification 204 of forbidden object 202 , the representation of forbidden object 202 is highlighted such as in a special color or a texture or a pattern.
- the user is not allowed to know who the owner is, and in such a case, name 206 is not included in pop-up dialog 210 .
- pop-up dialog 210 comprises only button 208 .
- pop-up dialog 210 comprises a button 214 denoted as ‘Accept Tree’.
- a multiplicity of forbidden objects may be selected, for example, by repeatedly clicking by a left-button of a mouse, and subsequently triggering the multiplicity of forbidden objects such as by a right-button of a mouse.
- a dialog appear, optionally comprising the identifications of the multiplicity of forbidden objects and further, optionally, the respective owners of the multiplicity of forbidden objects. Accepting the dialog the respective owners of the multiplicity of forbidden objects are notified that access rights are requested for the multiplicity of forbidden objects, and the owners may respond by providing the requested rights.
- a dialog appears notifying the user that he or she does not have access rights to the object.
- triggering or activation the object comprises, such as in addition or instead of the activation techniques described above, hovering on the object with a pointing device such as a mouse, without any further operation such as right-button click.
- the pointing device when a touch screen is used, the pointing device includes a finger and/or other member of the user. It is further noted that, at least in some embodiments, a keyboarded and/or keys thereof is considered as a pointing device, for example, arrow keys to point at a representation of an object and a key such as an ‘Enter’ key are used to point at a representation of an object and to trigger the representation thereof.
- the owner of a forbidden object should provide an explanation and/or rationale why the owner grants access rights to a forbidden object or refuses to do so.
- the user may use any suitable apparatus to access the now non-forbidden object, for example, any suitable client computer.
- enterprise 100 such as enterprise 100
- enterprise 100 is provided as an example, and the methods described herein may be used for or applied to any computerized system, not precluding a single computer.
- FIG. 3A outlines operations for requesting access rights for an object for which a user does not have access right, according to exemplary embodiments of the disclosed subject matter.
- a code that enables or facilitates requesting access rights for an object is installed.
- the code is installed in an enterprise, such as enterprise 100 , in one or more of the programs of the enterprise such as file system thereof or any other program that can display and/or browse the objects of the enterprise, such as a search program.
- the code is installed as a plug-in code or a script and/or otherwise additional code cooperating and/or integrated with the enterprise program and/or programs.
- a dialog such as a pop-up dialog, is presented responsive to triggering a representation of an object for which a user does not have access rights.
- the triggering of the representation of the object may be carried out by pointing at the object such a by a mouse and applying a preset or a reserved operation such as right-button of a mouse.
- the code enables selecting a plurality of objects for which a user does not have access rights and accepting a dialog for the plurality of objects the owner or owners of the respective objects are notified that access rights are requested for the objects.
- operation 304 and operation 306 may be repeated as indicated by an arrow 308 .
- FIG. 3B outlines operations by a user requesting access rights for an object for which the user does not have access rights, according to exemplary embodiments of the disclosed subject matter.
- a user optionally, identifies a representation of an object for which the user does not have access rights.
- the user triggers the representation of the object for which a user does not have access rights. For example, pointing by a mouse the representation of the object and applying a preset or a reserved operation such as right-button of a mouse or hovering over the representation of the object.
- the user accepts a dialog that appears responsive to triggering the representation of the object for which the user does not have access rights, thereby automatically notifying an owner of the object for which the user does not have access rights that access rights are requested by the user.
- the user may select a plurality of objects for which a user does not have access rights and in a similar manner request the owner or owners of the objects access rights thereto.
- a user may request access rights from an owner of an object wherein the user does not know who the owner is and, furthermore, optionally, the user is not allowed to know who the owner is and/or to know how to contact the owner.
- dialog and operations respective thereto is a non-limiting example for conveying a non-limiting practice of the present disclosure.
- different dialog and operations thereof may be used.
- no dialog is used, for example, once a forbidden object or a presentation thereof is triggered or activated, the owner of the forbidden object is notified.
- FIG. 4A outlines operations 400 for requesting by a remote computer access rights for an object for which a user does not have access rights, according to exemplary embodiments of the disclosed subject matter.
- an add-on program configured for notifying an owner of an object of a computerized system is provided to a remote computer linked to the computerized system, where the add-on program is a program installed and operable in the remote computer by a mechanism such as of a plug-in or a script.
- the add-on program is provided to the remote computer by any method, for example, by a storage device or via communications with a provider of the add-on program.
- a reference to a forbidden object of the computerized system and contact data of the owner of the forbidden object are provided to the remote computer.
- a reference to an object such as the forbidden object is provided as a link to the object or as by any other manner to locate and/or access the object, such as an address of the object.
- a representation of the forbidden object is displayed on and/or by the remote computer based on the reference to the forbidden object, and by triggering or activating the representation of the forbidden object the owner the forbidden object is notified by the add-on program according to the contact data that permission to access the forbidden object is requested for a user operating the remote computer.
- Triggering or activating a representation of an object is carried out by an action on and/or directed to the representation, for example, double-clicking by a mouse, double-tapping on a touch screen or any other suitable technique where some of which are described above.
- operation 404 may precede operation 402 .
- FIG. 4B outlines operations 440 as some elaboration on operations 400 , according to exemplary embodiments of the disclosed subject matter.
- an add-on program configured for notifying an owner of an object of a computerized system is provided by the computerized system to a remote computer linked to the computerized system by and/or based on a code installed in a computerized system.
- the code refers to a program or software modules installed in the computerized system such as in one or more components thereof.
- the code is installed by a mechanism such as a library, dynamic link library (DLL) or any suitable mechanism such as a plug-in or a script.
- DLL dynamic link library
- a reference to a forbidden object of the computerized system and contact data of the owner of the forbidden object is provided to the remote computer by the computerized system by and/or based on the code installed in the computerized system.
- the reference is provided to the computerized system based on the ordinary and/or original software of the computerized system, namely, not involving the code. Further, according to and/or based on the code, the contact data is provided to the computerized system.
- a representation of the forbidden object is displayed by the remote computer according to and/or based on the reference, such as on a screen of and/or linked to the remote computer.
- the displayed representation of the forbidden object is triggering or activated. Consequently, by utilizing the contact data the add-on program is invoked to notify the owner the forbidden object that permission to access the forbidden object is requested by a user operating the remote computer.
- operation 444 may precede operation 442 .
- the computerized system requests the computerized system to provide the contact data pursuant to or responsively to receiving the reference, or, alternatively, in some embodiments, the computerized system requests the computerized system to provide the contact data pursuant to or responsively to triggering the reference.
- the owner of the forbidden object may grant permission to the user of the remote computer to access the forbidden objects, optionally subject to one or more conditions such as expiration period of the permission, locality of the remote computer, limited number of accesses and so forth.
- a forbidden object may comprise at least one section forbidden to a user, so that a notification to the owner may be applicable only to the forbidden section.
- remote computer linked to a computerized system does not necessarily imply that the remote computer is indeed linked to the computerized system to carry out the operations described above. Rather, the remote computer may be intermittently linked the computerized system only for receiving and/or exchange data with the computerized system, and thus the remote computer is also referred to as being linkable to the computerized system.
- client computer 120 is linkable to enterprise 100 rather than being constantly linked to enterprise 100 .
- notifying an owner of an object of a computerized system by the add-on program operable in a remote computer linkable and/or linked to the computerized system is carried out independently of the computerized system whether the remote computer is linked or unlinked or detached from the computerized system.
- operation 406 of operations 400 or operation 448 of operations 440 may be carried out on client computer 120 independently of a computerized system such as enterprise 100 .
- a contact detail and/or details of a user operating the remote computer, such as client computer 120 are provided to the owner either implicitly or explicitly.
- the owner may obtain the contact of the user implicitly by the sender email or telephone number, respectively.
- the user may attach explicitly a contact, such as an email, of the user for the owner responds to the user.
- a method for requesting access rights for an object of a computerized system comprising invoking in a remote computer linkable to the computerized system an add-on program configured for notifying an owner of the object of the computerized system according to received contact data of the owner of the object, thereby requesting from the owner of the object access rights to the object independently of the computerized system.
- the contact data of the owner of the object is received from the computerized system when the remote is linked to the computerized system.
- the add-on program is received from the computerized system when the remote computer linkable to the computerized system is linked to the computerized system.
- the add-on program is invoked responsive to triggering a displayed representation of the object which is based on a reference to the object received from the computerized system.
- a user of the computerized system does not have access rights for the object of the computerized system.
- a user of the computerized system does not have access rights for the object of the computerized system.
- the user is unaware who the owner of the object is.
- the user is unaware about contact information of the owner.
- the triggering of the displayed representation of the object comprises an operation with respect to the displayed representation of the object by a pointing device.
- notifying the owner comprises at least one of sending an email to the owner, sending SMS to the owner, instant messaging the owner, telephoning the owner, or any combination thereof.
- the add-on program is installed in the computer as at least one of a plug-in program, a script, a library, a dynamic-link-library, or any combination thereof.
- an apparatus for requesting access rights for an object comprising a computerized system having a storage and storing at least one object and contact data of an owner of the at least one object, and further comprising a first communication facility by which data related to the at least one object is providable to devices external to the computerized system, and an at least one computer comprising a second communication facility for linking with the computerized system, and further having an add-on program installed therein that is configured for notifying, independently of the computerized system, the owner of the at least one object with a request for access rights for the at least one object based on the contact data of the owner of the at least one object as provided by the computerized system.
- the at least one computer comprises a screen on which a representation of the at least one object is displayable based on a reference to the object receivable from the computerized system.
- the representation of the at least one object when displayed on the screen is triggerable to invoke the add-on program to notify the owner of the at least one object.
- triggering of the displayed representation of the at least one object comprises an operation with respect to the displayed representation of the at least one object by a pointing device.
- notifying the owner comprises at least one of sending an email to the owner, sending SMS to the owner, instant messaging the owner, telephoning the owner, or any combination thereof.
- the add-on program is installed in the computer as at least one of a plug-in program, a script, a library, a dynamic-link-library, or any combination thereof.
- processors or ‘computer’, or system thereof, are used herein as ordinary context of the art, such as a general purpose processor or a micro-processor, RISC processor, or DSP, possibly comprising additional elements such as memory or communication ports.
- processors or ‘computer’ or derivatives thereof denote an apparatus that is capable of carrying out a provided or an incorporated program and/or is capable to controlling and/or accessing data storage apparatus and/or other apparatus such as input and output ports.
- processors or ‘computer’ denote also a plurality of processors or computers connected, and/or linked and/or otherwise communicating, possibly sharing one or more other resources such as a memory.
- the terms ‘software’, ‘program’, ‘software procedure’ or ‘procedure’ or ‘software code’ or ‘code’ may be used interchangeably according to the context thereof, and denote one or more instructions or directives or circuitry for performing a sequence of operations that generally represent an algorithm and/or other process or method.
- the program is stored in or on a medium such as RAM, ROM, or disk, or embedded in a circuitry accessible and executable by an apparatus such as a processor or other circuitry.
- the processor and program may constitute the same apparatus, at least partially, such as an array of electronic gates, such as FPGA or ASIC, designed to perform a programmed sequence of operations, optionally comprising or linked with a processor or other circuitry.
- an array of electronic gates such as FPGA or ASIC
- the term computerized apparatus or a similar one denotes an apparatus having one or more processors operable or operating according to a program.
- a module represents a part of a system such as a part program operating together with other parts on the same unit, or a program component operating on different unit, and a process represents a collection of operations for achieving a certain outcome.
- the term “configuring” and/or ‘adapting’ for an objective, or a variation thereof, implies using at least a software and/or electronic circuit and/or auxiliary apparatus designed and/or implemented and/or operable or operative to achieve the objective.
- a device storing and/or comprising a program and/or data constitutes an article of manufacture. Unless otherwise specified, the program and/or data are stored in or on a non-transitory medium.
- each block in the flowchart or block diagrams may represent a module, segment, or portion of program code, which comprises one or more executable instructions for implementing the specified logical function(s).
- illustrated operations may occur in deferent order or as concurrent operations instead of sequential operations to achieve the same or equivalent effect.
- the term “configuring” and/or ‘adapting’ for an objective, or a variation thereof, implies using materials and/or components in a manner designed for and/or implemented and/or operable or operative to achieve the objective.
Abstract
A method for requesting access rights for an object of a computerized system, comprising invoking in a remote computer linkable to the computerized system an add-on program configured for notifying an owner of the object of the computerized system according to received contact data of the owner of the object, thereby requesting from the owner of the object access rights to the object independently of the computerized system, and an apparatus for performing the same.
Description
- The present application is a Continuation-in-Part of U.S. application Ser. No. 13/437,004 filed on Apr. 2, 2012, and published as US 2013/0263275 on Oct. 3, 2013, the disclosure of which is hereby incorporated by reference.
- Reference is made to U.S. application Ser. No. 11/786,522, having an at least one common inventor with the present application, filed Apr. 12, 2007 and which is published as US2007/0244899, that reports methods and systems for decentralizing user data access rights control activities in networked organizations.
- The present disclosure generally relates to requesting access rights to files, and more specifically to requesting access rights to files in an organization enterprise.
- Generally, in an organization enterprise some users have access right for which other users do no have, yet, there might be occasions when a user wishes to access a file for which the user does not have access rights.
- One exemplary embodiment of the disclosed subject matter is a method for requesting access rights for an object of a computerized system, comprising invoking in a remote computer linkable to the computerized system an add-on program configured for notifying an owner of the object of the computerized system according to received contact data of the owner of the object, thereby requesting from the owner of the object access rights to the object independently of the computerized system.
- Another exemplary embodiment of the disclosed subject matter is an apparatus for requesting access rights for an object, comprising a computerized system having a storage and storing at least one object and contact data of an owner of the at least one object, and further comprising a first communication facility by which data related to the at least one object is providable to devices external to the computerized system, and an at least one computer comprising a second communication facility for linking with the computerized system, and further having an add-on program installed therein that is configured for notifying, independently of the computerized system, the owner of the at least one object with a request for access rights for the at least one object based on the contact data of the owner of the at least one object as provided by the computerized system.
- In the context of the present disclosure, without limiting, the term ‘enterprise’ implies a computerized system comprising a plurality of computers communicating therebetween and having and/or sharing a data storage, where the enterprise is also referred to as a ‘computerized system’ and the data storage also referred to as a ‘storage’.
- The communications between the computes may be direct and/or indirect. The data storage comprises one or more data storage devices.
- Generally, without limiting, an enterprise comprises several computers in a range between about 10 computers and about 1000 computers or more. Optionally, an enterprise comprises less than 10 computers, not precluding having one computer as, for example, a mainframe computer.
- Without limiting, in the context of the present disclosure with respect to an enterprise, the term ‘object’ implies a data object, such as a file or a folder, stored on the storage of the enterprise and also referred to as an object of the enterprise.
- In the context of the present disclosure, without limiting, the term ‘user’ or ‘operator’ implies a person, and/or a program operating on behalf of the person, that uses a resource of an enterprise, such as a computer of the enterprise or a remote computer linkable and/or linked by communication to the enterprise such as by a computer thereof. The linkable and/or linked computer is generally referred to as a ‘client computer’ or a ‘remote computer. A user or operator is also referred to as user of the enterprise or operator of the enterprise, respectively.
- In the context of the present disclosure, without limiting, the term ‘access right’ or ‘rights’ or ‘sufficient rights’ imply authorization for a user to access an object of an enterprise, whereas insufficient rights imply not having an authorization to access the object such as for opening or reaching the object for viewing. Referring generally or collectively to permissions implies any kind of authorization including, possibly, sufficient and/or insufficient rights.
- Generally and without limiting, the authorization or permissions, and/or other properties of objects such as classifications, are set by the management or administration of the enterprise and/or by owners of objects of the enterprise and/or by operators with special high level authorization, also known as super-users or administrators.
- In the context of the present disclosure, without limiting, the term ‘owner’ of an object implies a user that has authority and/or access rights to an object so that he or she may grant or authorize access to the object to users not having sufficient rights for the object. Without limiting, a person and/or a program and/or any entity operative or operating on behalf on an owner of an object and authorized to grant rights to the object is also considered or regarded as the owner. The access may be granted on an ad-hoc basis or any other basis such as time-limited, user dependent of permanently.
- In the context of the present disclosure, without, limiting, the terms ‘conveniently’ or ‘handily’ imply, with respect to an operation, at least partly automating an operation thereby precluding and/or eliminating specific manual actions.
- The terms cited above denote also inflections and conjugates thereof.
- Some non-limiting exemplary embodiments or features of the disclosed subject matter are illustrated in the following drawings.
- Identical or duplicate or equivalent or similar structures, elements, or parts that appear in one or more drawings are generally labeled with the same reference numeral, optionally with an additional letter or letters to distinguish between similar objects or variants of objects, and may not be repeatedly labeled and/or described.
- Dimensions of components and features shown in the figures are chosen for convenience or clarity of presentation and are not necessarily shown to scale or true perspective. For convenience or clarity, some elements or structures are not shown or shown only partially and/or with different perspective or from different point of views.
- References to previously presented elements are implied without necessarily further citing the drawing or description in which they appear.
-
FIG. 1A schematically illustrates an enterprise comprising one or more computers, illustrated as three computers representing any number of computers, according to exemplary embodiments of the disclosed subject matter; -
FIG. 1B schematically illustrates the enterprise ofFIG. 1A with a remote computer linked to the enterprise, according to exemplary embodiments of the disclosed subject matter; -
FIG. 2 schematically illustrates a display of a tree structure of objects in an enterprise accompanied by a pop-up dialog for rights request, according to exemplary embodiments of the disclosed subject matter; -
FIG. 3A outlines operations for requesting access rights for an object for which a user does not have access rights, according to exemplary embodiments of the disclosed subject matter; -
FIG. 3B outlines operations by a user requesting access rights for and object for which the user does not have access rights, according to exemplary embodiments of the disclosed subject matter; -
FIG. 4A outlines operations for requesting by a remote computer access rights for an object for which a user does not have access rights, according to exemplary embodiments of the disclosed subject matter; and -
FIG. 4B outlines some elaboration on the operations ofFIG. 4A , according to exemplary embodiments of the disclosed subject matter. - One technical problem dealt by the disclosed subject matter is handily requesting access rights to an object of an enterprise responsive to encountering the object for which a user does not have access rights, which for brevity is also referred to herein, without limiting, as a ‘forbidden object’ or a ‘restricted object’.
- One technical solution according to the disclosed subject matter is a computer operating a program configured to present, such as on a display device, a presentation structure adapted for requesting access rights to an object upon triggering or activation a forbidden object.
- In some embodiments, the presentation structure or a component of a user-interface or a graphical-user-interface (GUI), such as a dialog-box, a form, or any other presentation structure such as a button. For brevity and clarity, without limiting and unless otherwise specified, the presentations structure is also referred to a ‘dialog’ or a ‘pop-up dialog’.
- In some embodiments, the dialog is formed such that the user can accept the dialog, for example, by clicking on an ‘OK’ button in the dialog, or by any other way such as double-click on the dialog.
- Responsive to accepting the dialog, the owner of the object is notified such a by sending an email to the owner, and, consequently, the owner may grant access rights for the objects to the user.
- A potential technical effect of the disclosed subject matter is a convenient handy method for automatically requesting access rights for a forbidden object in an enterprise responsive to browsing objects of the enterprise.
- A general non-limiting overview of practicing the present disclosure is presented below. The overview outlines exemplary practice of embodiments of the present disclosure, providing a constructive basis for variant and/or alternative and/or divergent embodiments, some of which are subsequently described.
- According to the disclosed subject matter, in order to request access rights for a forbidden object by a user, the user does not have to identify the forbidden object and consequently locate the owner of the forbidden object. Rather, one or more programs and/or software modules, also referred to as a ‘code’, are configured to retrieve contact data of the owner of the forbidden object, such as email address of telephone number, and automatically send a request for accessing the forbidden object to the owner of the forbidden object. It is noted that in some embodiments, the code and/or functionality thereof is modified for enabling a client computer to handle requesting of permissions as described below. It is also noted that contact data or contact details of an owner of an object may comprise one item such as an email address or a telephone number, or also a plurality of such items.
- In some embodiments, a program and/or application and/or a file-system of the enterprise is adapted by the code which associates objects with contact data of an owner thereof and further, optionally, with one or more other information such as identification of the object. For example, objects of the enterprise are related to owners thereof and their respective contact information such as by one or more data structures as part of the administrative data maintained in the enterprise, such as an index or a database, collectively referred to also as an index. Accordingly, the association or relationship of a forbidden object with contact information of the owner is based on querying or retrieving elements of the index.
- Thus, in some embodiments, when the user operates a client computer to locate objects and/or to access objects of the enterprise, such as files, the enterprise provides to the client computer references or denotations of objects which can be used to refer to the objects and/or access the objects, at least in principle. For example, links to the objects, unique names or identifications of the objects, or any other technique for identifying and accessing the objects such as addresses of the objects, not precluding objects or parts thereof. Generally, the objects may be located in the enterprise or parts thereof by searching for objects, browsing in the enterprise or by any method of the art, for example, by exploring a directory of the enterprise.
- Consequently, the client computer lists presentations of the objects such as by symbols or icons, or titles or names of the objects, or a part of the content of the objects, collectively referred to as presentations or representations of the objects.
- For brevity and clarity, without limiting, referring to a presented object or a presentation thereof implies also a link to the object, such as by a symbol that embeds a link to the object.
- An object is activated for access by triggering or activation a representation of the objects. For example, by pointing at the presented object and double-clicking, or touching a finger on a touch-screen, or clicking with a dedicated mouse button, for example, a right button, or using a combination of keyboard key and a mouse button such as ‘alt/left-button’, or by any suitable action such a distinct hand motion in screens having a sensor or camera such as in smartphones. Optionally, activation of an object involves two or more stages, for example, responsive to triggering a representation of an object a dialog is presented to the user, for example, as a pop-up dialog, for effecting and/or accepting the activation such as by an ‘Enter’ key. In some embodiments, however, activation of the object is performed automatically without having to accept a dialog.
- In some embodiments, data or metadata of the object is presented, such as such as the full path of the object, or permissions thereof or the owner of the object, either along with the presentations of the objects or pursuant to activation of representations of the objects.
- In case the object is accessible to the user, such as by suitable permission, the object in the enterprise may be accessed. Otherwise, in case the object is not accessible to the user, such as by lack of permission, using the code installed in the enterprise the owner is automatically informed or notified that the user requests access rights to the object, without the user having to perform the chores of locating the owner and identifying the object and requesting the access rights to the object.
- In some embodiments, the owner of the object is notified, such as by sending an email to the owner or by any other method such as SMS, Instant Messaging, or a telephone call. In some embodiments, the owner grants the user access rights to the forbidden object by email or any other method such as SMS, Instant Messaging or by releasing the forbidden object via the enterprise facilities for access by the user, optionally for a certain time period and, optionally, notifying the user to that effect.
- In some embodiments, instead of the enterprise taking care of notifying the owner, the duty or task of notifying the owner is delegated to or based in the client computer, thereby relieving the enterprise which generally is occupied with multitude of tasks, from additional or non-essential and/or excessive load.
- In some embodiments, the code and/or operation thereof in the enterprise is modified such as to provide to the client computer only the owner contact details and to load or transfer to the client computer an add-on program configured to enable the client computer to request permission from an owner of a forbidden object. Generally, at least potentially, transferring contact details of an object and an add-on code to the client computer poses or constitutes a smaller load on the enterprise relative to having to handle requests for permissions. Moreover, once the enterprise transferred the add-on program to a client computer an indication for that effect may be generated, so that no further download of the add-on program to that client computer is required.
- Thus, in some embodiments, as the user obtains a presentation or a link to a forbidden object, the code of the enterprise merely transfers the contact details of the owner of the object to the client computer and, optionally, if still required, downloads the add-on program to the client computer. In some embodiments, the code of the enterprise transfers the contact details of the owner of the object to the client computer and, optionally, if still required, the add-on program only responsive to activation of a forbidden object, thereby further reducing the load on the enterprise in case the object was not activated. Alternatively, in some embodiments, the client computer requests the enterprise for the contact details of the owner of the object and the enterprise, as part of the activities thereof, provides the contact details to the client computer along with add-on program if still required. Further, optionally or additionally, the code of the enterprise transfers the add-on program to the client computer, if still required, when the client computer links with the enterprise as, for example, sensed by the code of the enterprise and/or any other component thereof. Further optionally, in some embodiments, the client computer obtains and installs the add-on program by other circumstances, for example, by a provided storage medium such as a USB device or by communication with a supplier on behalf of the enterprise, thus the client computer is not necessarily linked to the enterprise for obtaining the add-on program.
- Consequently, when the user activates a forbidden object, the add-on program in the client computer is invoked and sends the request for permission to the owner of the object, such as described above.
- In some embodiments, the code in the enterprise is tunable or adjustable such as to operate in different manners according to some circumstances and/or settings. For example, in case the enterprise decides or instructed not to provide contact details of an owner of an object, even anonymously, then the code sends the request to the owner even if the client computer comprises the add-on program. As another example, the code operating in the enterprise may be advised or sense that the enterprise is overloaded such as above a limit, and consequently the code delegates the task of notifying owners to the client computer as described above.
- It is noted that the code and add-on program are designate as such for brevity and clarity, whereas in principle the code and add-on program may be of the same nature. For example, the code is installed on one or more computers or servers of the enterprise as an add-on code.
- The code and/or the add-on program are installed or integrated for operation in the enterprise or the client computer, respectively, as known in the art such as by a mechanism of a plug-in or a script. For example, as a Flash (Adobe Inc) or a JavaScript (Oracle Inc.) or an ActiveX (Microsoft Inc.).
-
FIG. 1A schematically illustrates anenterprise 100, designated by adotted frame 110, comprising one or more computers, illustrated as three instances of acomputer 104, representing any number ofcomputer 104, as indicated by dashedlines 114. -
Enterprise 100 further comprises one or more data storage devices, illustrated as two instances of adata storage device 102, representing any number ofdata storage device 102, as indicated by dashedlines 112.Data storage device 102 generally stores objects or data entities such as files or database records or users definitions or similar elements collectively referred to also as objects.Data storage device 102 optionally stored an index or part thereof ofenterprise 100. -
Enterprise 100 is configured to provide or transfer to devices external toenterprise 100 by communications facilities comprised therein objects thereof and/or data related to objects thereof, such as references to objects, and/or other data related to objects thereof such as data obtained from an index ofenterprise 100. - The instances of
computer 104 are connected or linked or coupled therebetween and to the instances ofdata storage device 102, the connection or linkage illustrated and represented by anetwork 106. - Optionally, one or more of
computer 104 stands for or operate as a server ofenterprise 100. -
FIG. 1B schematically illustratesenterprise 100 with aclient computer 120 linked toenterprise 100, representing any number ofclient computer 120. -
Client computer 120 is connected or linked toenterprise 100 by any communication facility or facilities comprised inenterprise 100 and/orclient computer 120 as illustrated schematically by a double-endedarrow 124 representing also a two-directional data flow betweenenterprise 100 andclient computer 120. For example,client computer 120 is linkable withenterprise 100 vianetwork 106 and/or one ofcomputer 104, -
Client computer 120 comprises an add-on program, schematically illustrated as aprogram 122, configured for and operative for requesting permission from an owner of a forbidden object, such as described above, for example, by a transfer fromenterprise 100 initiated byenterprise 100 and/orclient computer 120. -
FIG. 2 schematically illustrates a display or representations of atree structure 200 of objects in an enterprise, such asenterprise 100, accompanied by a pop-updialog 210 for rights request, according to exemplary embodiments of the disclosed subject matter. The dashed lines intree structure 200 indicate some, if any, continuation of the tree structure. - Generally, the display is presented on a screen of a remote computer such as, for example,
client computer 120, usually though not necessarily responsive to a search in the enterprise launched by the remote computer. - In some embodiments and/or cases, a user browsing the enterprise or searching therein, such as in a
server 212 denoted as ‘Admin’, may encounter a forbiddenobject 202, denoted as a file or folder ‘xyz’. - By way of example, it is assumed that the user wishes to access forbidden
object 202 for which the user does not have access rights. Thus, the user has to request access rights from the owner of forbiddenobject 202, not necessarily knowing who the owner is and/or how to contact the owner. - The user may activate or trigger forbidden
object 202, such as by pointing with a mouse on forbiddenobject 202 and pressing right-button, and a pop-updialog 210 is presented. - Pop-up
dialog 210 comprisesobject identification 204 of forbiddenobject 202, and, optionally, also name 206 of the owner of forbiddenobject 202. - Having confirmed by
object identification 204 that indeed access rights are wanted forforbidden object 202, the user may accept the request by activating abutton 208, denoted as ‘Accept’, such as by double-click onbutton 208 and/or pressing ‘Enter’ key. Having accepted the request, pop-updialog 210 disappears. - Responsive to acceptance, the owner, such as ‘IT Manager’, receives a notification that the user has requested access to forbidden
object 202, and the owner may provide the access rights for forbiddenobject 202 to the user. - In some embodiments, providing and/or sending a notification to the owner is carried out by the enterprise such as
enterprise 100 by employing a code installed therein. - Alternatively, in some embodiments, providing and/or sending a notification to the owner is carried out by an add-on program such as
program 122 installed inclient computer 120 based on contact data of the owner as provided by the enterprise. - In some embodiments, instead of and/or in addition to object
identification 204 of forbiddenobject 202, the representation of forbiddenobject 202 is highlighted such as in a special color or a texture or a pattern. - In some embodiments, the user is not allowed to know who the owner is, and in such a case,
name 206 is not included in pop-updialog 210. - Thus, in some embodiments, pop-up
dialog 210 comprises onlybutton 208. - In some embodiments, when forbidden
object 202 is a folder comprising multiple objects, access rights for the whole or a part of sub-tree of objects in of forbiddenobject 202 may be requested, where, accordingly, pop-updialog 210 comprises abutton 214 denoted as ‘Accept Tree’. - In some embodiments, a multiplicity of forbidden objects may be selected, for example, by repeatedly clicking by a left-button of a mouse, and subsequently triggering the multiplicity of forbidden objects such as by a right-button of a mouse. Responsively, a dialog appear, optionally comprising the identifications of the multiplicity of forbidden objects and further, optionally, the respective owners of the multiplicity of forbidden objects. Accepting the dialog the respective owners of the multiplicity of forbidden objects are notified that access rights are requested for the multiplicity of forbidden objects, and the owners may respond by providing the requested rights.
- In some embodiments, responsive to activation or triggering an object for which a user has access rights no dialog appears, optionally with some indication such as a ‘beep’. Optionally or alternatively, a dialog appears notifying the user that he or she does not have access rights to the object.
- In some embodiments, triggering or activation the object comprises, such as in addition or instead of the activation techniques described above, hovering on the object with a pointing device such as a mouse, without any further operation such as right-button click.
- It is noted the when a touch screen is used, the pointing device includes a finger and/or other member of the user. It is further noted that, at least in some embodiments, a keyboarded and/or keys thereof is considered as a pointing device, for example, arrow keys to point at a representation of an object and a key such as an ‘Enter’ key are used to point at a representation of an object and to trigger the representation thereof.
- It is noted that, in some embodiments, the owner of a forbidden object should provide an explanation and/or rationale why the owner grants access rights to a forbidden object or refuses to do so.
- Provided that the owner granted permission to a forbidden object to a user, the user may use any suitable apparatus to access the now non-forbidden object, for example, any suitable client computer.
- It is noted that an enterprise, such as
enterprise 100, is provided as an example, and the methods described herein may be used for or applied to any computerized system, not precluding a single computer. -
FIG. 3A outlines operations for requesting access rights for an object for which a user does not have access right, according to exemplary embodiments of the disclosed subject matter. - In operation 302 a code that enables or facilitates requesting access rights for an object, as by
operation 304 andoperation 306 below, is installed. - The code is installed in an enterprise, such as
enterprise 100, in one or more of the programs of the enterprise such as file system thereof or any other program that can display and/or browse the objects of the enterprise, such as a search program. - In some embodiments, the code is installed as a plug-in code or a script and/or otherwise additional code cooperating and/or integrated with the enterprise program and/or programs.
- In operation 304 a dialog, such as a pop-up dialog, is presented responsive to triggering a representation of an object for which a user does not have access rights.
- The triggering of the representation of the object may be carried out by pointing at the object such a by a mouse and applying a preset or a reserved operation such as right-button of a mouse.
- In
operation 306 responsive to accepting the dialog an owner of the object for which the user does not have access rights is automatically notified that access rights are requested. - In some embodiments, the code enables selecting a plurality of objects for which a user does not have access rights and accepting a dialog for the plurality of objects the owner or owners of the respective objects are notified that access rights are requested for the objects.
- Once the code is installed,
operation 304 andoperation 306 may be repeated as indicated by anarrow 308. -
FIG. 3B outlines operations by a user requesting access rights for an object for which the user does not have access rights, according to exemplary embodiments of the disclosed subject matter. - In operation 312 a user, optionally, identifies a representation of an object for which the user does not have access rights.
- In
operation 314 the user triggers the representation of the object for which a user does not have access rights. For example, pointing by a mouse the representation of the object and applying a preset or a reserved operation such as right-button of a mouse or hovering over the representation of the object. - In
operation 316 the user accepts a dialog that appears responsive to triggering the representation of the object for which the user does not have access rights, thereby automatically notifying an owner of the object for which the user does not have access rights that access rights are requested by the user. - In some embodiments, the user may select a plurality of objects for which a user does not have access rights and in a similar manner request the owner or owners of the objects access rights thereto.
- It is noted that by the methods and embodiments described herein a user may request access rights from an owner of an object wherein the user does not know who the owner is and, furthermore, optionally, the user is not allowed to know who the owner is and/or to know how to contact the owner.
- It is noted that referring to a dialog and operations respective thereto is a non-limiting example for conveying a non-limiting practice of the present disclosure. Alternatively, in some embodiments, different dialog and operations thereof may be used. Optionally or alternatively, no dialog is used, for example, once a forbidden object or a presentation thereof is triggered or activated, the owner of the forbidden object is notified.
-
FIG. 4A outlinesoperations 400 for requesting by a remote computer access rights for an object for which a user does not have access rights, according to exemplary embodiments of the disclosed subject matter. - In
operation 402 an add-on program configured for notifying an owner of an object of a computerized system is provided to a remote computer linked to the computerized system, where the add-on program is a program installed and operable in the remote computer by a mechanism such as of a plug-in or a script. - The add-on program is provided to the remote computer by any method, for example, by a storage device or via communications with a provider of the add-on program.
- In operation 404 a reference to a forbidden object of the computerized system and contact data of the owner of the forbidden object are provided to the remote computer.
- Generally, a reference to an object such as the forbidden object is provided as a link to the object or as by any other manner to locate and/or access the object, such as an address of the object.
- In operation 406 a representation of the forbidden object is displayed on and/or by the remote computer based on the reference to the forbidden object, and by triggering or activating the representation of the forbidden object the owner the forbidden object is notified by the add-on program according to the contact data that permission to access the forbidden object is requested for a user operating the remote computer.
- Triggering or activating a representation of an object is carried out by an action on and/or directed to the representation, for example, double-clicking by a mouse, double-tapping on a touch screen or any other suitable technique where some of which are described above.
- It is noted that, in some embodiments,
operation 404 may precedeoperation 402. -
FIG. 4B outlinesoperations 440 as some elaboration onoperations 400, according to exemplary embodiments of the disclosed subject matter. - In
operation 442 an add-on program configured for notifying an owner of an object of a computerized system is provided by the computerized system to a remote computer linked to the computerized system by and/or based on a code installed in a computerized system. - The code refers to a program or software modules installed in the computerized system such as in one or more components thereof. For example, the code is installed by a mechanism such as a library, dynamic link library (DLL) or any suitable mechanism such as a plug-in or a script.
- In operation 444 a reference to a forbidden object of the computerized system and contact data of the owner of the forbidden object is provided to the remote computer by the computerized system by and/or based on the code installed in the computerized system.
- In some embodiments, the reference is provided to the computerized system based on the ordinary and/or original software of the computerized system, namely, not involving the code. Further, according to and/or based on the code, the contact data is provided to the computerized system.
- In operation 446 a representation of the forbidden object is displayed by the remote computer according to and/or based on the reference, such as on a screen of and/or linked to the remote computer.
- In
operation 448 the displayed representation of the forbidden object is triggering or activated. Consequently, by utilizing the contact data the add-on program is invoked to notify the owner the forbidden object that permission to access the forbidden object is requested by a user operating the remote computer. - It is noted that, in some embodiments,
operation 444 may precedeoperation 442. - In some embodiments, the computerized system requests the computerized system to provide the contact data pursuant to or responsively to receiving the reference, or, alternatively, in some embodiments, the computerized system requests the computerized system to provide the contact data pursuant to or responsively to triggering the reference.
- In some cases and/or embodiments, responsive to receiving the notification the owner of the forbidden object may grant permission to the user of the remote computer to access the forbidden objects, optionally subject to one or more conditions such as expiration period of the permission, locality of the remote computer, limited number of accesses and so forth.
- It is emphasized that at least some of the operations described above, such as
operation 402,operation 404,operation 442 oroperation 444, or all the operations described above are applicable to any object rather than to a forbidden object only. - It is also emphasized that in some cases a forbidden object may comprise at least one section forbidden to a user, so that a notification to the owner may be applicable only to the forbidden section.
- It is emphasized that referring herein to a remote computer linked to a computerized system does not necessarily imply that the remote computer is indeed linked to the computerized system to carry out the operations described above. Rather, the remote computer may be intermittently linked the computerized system only for receiving and/or exchange data with the computerized system, and thus the remote computer is also referred to as being linkable to the computerized system. For example,
client computer 120 is linkable toenterprise 100 rather than being constantly linked toenterprise 100. - It is further emphasized that, in some embodiments, notifying an owner of an object of a computerized system by the add-on program operable in a remote computer linkable and/or linked to the computerized system is carried out independently of the computerized system whether the remote computer is linked or unlinked or detached from the computerized system. For example,
operation 406 ofoperations 400 oroperation 448 ofoperations 440 may be carried out onclient computer 120 independently of a computerized system such asenterprise 100. - It is noted that by notifying an owner of an object of a computerized system, a contact detail and/or details of a user operating the remote computer, such as
client computer 120, are provided to the owner either implicitly or explicitly. For example, in case an email or SMS is used to notify the owner, the owner may obtain the contact of the user implicitly by the sender email or telephone number, respectively. As another example, the user may attach explicitly a contact, such as an email, of the user for the owner responds to the user. - There is thus provided according to the present disclosure a method for requesting access rights for an object of a computerized system, comprising invoking in a remote computer linkable to the computerized system an add-on program configured for notifying an owner of the object of the computerized system according to received contact data of the owner of the object, thereby requesting from the owner of the object access rights to the object independently of the computerized system.
- In some embodiments, the contact data of the owner of the object is received from the computerized system when the remote is linked to the computerized system.
- In some embodiments, the add-on program is received from the computerized system when the remote computer linkable to the computerized system is linked to the computerized system.
- In some embodiments, wherein the add-on program is invoked responsive to triggering a displayed representation of the object which is based on a reference to the object received from the computerized system.
- In some embodiments, a user of the computerized system does not have access rights for the object of the computerized system.
- In some embodiments, a user of the computerized system does not have access rights for the object of the computerized system.
- In some embodiments, the user is ignorant who the owner of the object is.
- In some embodiments, the user is ignorant about contact information of the owner.
- In some embodiments, the triggering of the displayed representation of the object comprises an operation with respect to the displayed representation of the object by a pointing device.
- In some embodiments, notifying the owner comprises at least one of sending an email to the owner, sending SMS to the owner, instant messaging the owner, telephoning the owner, or any combination thereof.
- In some embodiments, the add-on program is installed in the computer as at least one of a plug-in program, a script, a library, a dynamic-link-library, or any combination thereof.
- There is thus yet provided according to the present disclosure an apparatus for requesting access rights for an object, comprising a computerized system having a storage and storing at least one object and contact data of an owner of the at least one object, and further comprising a first communication facility by which data related to the at least one object is providable to devices external to the computerized system, and an at least one computer comprising a second communication facility for linking with the computerized system, and further having an add-on program installed therein that is configured for notifying, independently of the computerized system, the owner of the at least one object with a request for access rights for the at least one object based on the contact data of the owner of the at least one object as provided by the computerized system.
- In some embodiments, the at least one computer comprises a screen on which a representation of the at least one object is displayable based on a reference to the object receivable from the computerized system.
- In some embodiments, the representation of the at least one object when displayed on the screen is triggerable to invoke the add-on program to notify the owner of the at least one object.
- In some embodiments, triggering of the displayed representation of the at least one object comprises an operation with respect to the displayed representation of the at least one object by a pointing device.
- In some embodiments, notifying the owner comprises at least one of sending an email to the owner, sending SMS to the owner, instant messaging the owner, telephoning the owner, or any combination thereof.
- In some embodiments, the add-on program is installed in the computer as at least one of a plug-in program, a script, a library, a dynamic-link-library, or any combination thereof.
- The terms ‘processor’ or ‘computer’, or system thereof, are used herein as ordinary context of the art, such as a general purpose processor or a micro-processor, RISC processor, or DSP, possibly comprising additional elements such as memory or communication ports. Optionally or additionally, the terms ‘processor’ or ‘computer’ or derivatives thereof denote an apparatus that is capable of carrying out a provided or an incorporated program and/or is capable to controlling and/or accessing data storage apparatus and/or other apparatus such as input and output ports. The terms ‘processor’ or ‘computer’ denote also a plurality of processors or computers connected, and/or linked and/or otherwise communicating, possibly sharing one or more other resources such as a memory.
- The terms ‘software’, ‘program’, ‘software procedure’ or ‘procedure’ or ‘software code’ or ‘code’ may be used interchangeably according to the context thereof, and denote one or more instructions or directives or circuitry for performing a sequence of operations that generally represent an algorithm and/or other process or method. The program is stored in or on a medium such as RAM, ROM, or disk, or embedded in a circuitry accessible and executable by an apparatus such as a processor or other circuitry.
- The processor and program may constitute the same apparatus, at least partially, such as an array of electronic gates, such as FPGA or ASIC, designed to perform a programmed sequence of operations, optionally comprising or linked with a processor or other circuitry.
- The term computerized apparatus or a similar one denotes an apparatus having one or more processors operable or operating according to a program.
- As used herein, without limiting, a module represents a part of a system such as a part program operating together with other parts on the same unit, or a program component operating on different unit, and a process represents a collection of operations for achieving a certain outcome.
- The term “configuring” and/or ‘adapting’ for an objective, or a variation thereof, implies using at least a software and/or electronic circuit and/or auxiliary apparatus designed and/or implemented and/or operable or operative to achieve the objective.
- A device storing and/or comprising a program and/or data constitutes an article of manufacture. Unless otherwise specified, the program and/or data are stored in or on a non-transitory medium.
- In case electrical or electronic equipment is disclosed it is assumed that an appropriate power supply is used for the operation thereof.
- The flowchart and block diagrams illustrate architecture, functionality or an operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosed subject matter. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of program code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, illustrated operations may occur in deferent order or as concurrent operations instead of sequential operations to achieve the same or equivalent effect.
- The corresponding structures, materials, acts, and equivalents of all means or step plus function elements in the claims below are intended to include any structure, material, or act for performing the function in combination with other claimed elements as specifically claimed. As used herein, the singular forms “a”, “an” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms “comprises” and/or “comprising” and/or “having” when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
- As used herein the term “configuring” and/or ‘adapting’ for an objective, or a variation thereof, implies using materials and/or components in a manner designed for and/or implemented and/or operable or operative to achieve the objective.
- The terminology used herein should not be understood as limiting, unless otherwise specified, and is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosed subject matter. While certain embodiments of the disclosed subject matter have been illustrated and described, it will be clear that the disclosure is not limited to the embodiments described herein. Numerous modifications, changes, variations, substitutions and equivalents are not precluded.
Claims (17)
1. A method for requesting access rights for an object of a computerized system, comprising:
invoking in a remote computer linkable to the computerized system an add-on program configured for notifying an owner of the object of the computerized system according to received contact data of the owner of the object,
thereby requesting from the owner of the object access rights to the object independently of the computerized system.
2. The method according to claim 1 , wherein the contact data of the owner of the object is received from the computerized system when the remote is linked to the computerized system.
3. The method according to claim 1 , wherein the add-on program is received from the computerized system when the remote computer linkable to the computerized system is linked to the computerized system.
4. The method according to claim 1 , wherein the add-on program is invoked responsive to triggering a displayed representation of the object which is based on a reference to the object received from the computerized system.
5. The method according to claim 1 , wherein a user of the computerized system does not have access rights for the object of the computerized system.
6. The method according to claim 1 , wherein a user of the computerized system does not have access rights for the object of the computerized system.
7. The method according to claim 6 , wherein the user is ignorant who the owner of the object is.
8. The method according to claim 6 , wherein the user is ignorant about contact information of the owner.
9. The method according to claim 4 , wherein the triggering of the displayed representation of the object comprises an operation with respect to the displayed representation of the object by a pointing device.
10. The method according to claim 1 , wherein notifying the owner comprises at least one of sending an email to the owner, sending SMS to the owner, instant messaging the owner, telephoning the owner, or any combination thereof.
11. The method according to claim 1 , wherein the add-on program is installed in the computer as at least one of a plug-in program, a script, a library, a dynamic-link-library, or any combination thereof.
12. An apparatus for requesting access rights for an object, comprising:
a computerized system having a storage and storing at least one object and contact data of an owner of the at least one object, and further comprising a first communication facility by which data related to the at least one object is providable to devices external to the computerized system; and
an at least one computer comprising a second communication facility for linking with the computerized system, and further having an add-on program installed therein that is configured for notifying, independently of the computerized system, the owner of the at least one object with a request for access rights for the at least one object based on the contact data of the owner of the at least one object as provided by the computerized system.
13. The apparatus according to claim 12 , wherein the at least one computer comprises a screen on which a representation of the at least one object is displayable based on a reference to the object receivable from the computerized system.
14. The apparatus according to claim 13 , wherein the representation of the at least one object when displayed on the screen is triggerable to invoke the add-on program to notify the owner of the at least one object.
15. The apparatus according to claim 14 , wherein triggering of the displayed representation of the at least one object comprises an operation with respect to the displayed representation of the at least one object by a pointing device.
16. The apparatus according to claim 12 , wherein notifying the owner comprises at least one of sending an email to the owner, sending SMS to the owner, instant messaging the owner, telephoning the owner, or any combination thereof.
17. The apparatus according to claim 12 , wherein the add-on program is installed in the computer as at least one of a plug-in program, a script, a library, a dynamic-link-library, or any combination thereof.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/160,603 US9767296B2 (en) | 2012-04-02 | 2014-01-22 | Requesting access to restricted objects by a remote computer |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/437,004 US9747459B2 (en) | 2012-04-02 | 2012-04-02 | Method and apparatus for requesting access to files |
US14/160,603 US9767296B2 (en) | 2012-04-02 | 2014-01-22 | Requesting access to restricted objects by a remote computer |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/437,004 Continuation-In-Part US9747459B2 (en) | 2012-04-02 | 2012-04-02 | Method and apparatus for requesting access to files |
Publications (2)
Publication Number | Publication Date |
---|---|
US20140137269A1 true US20140137269A1 (en) | 2014-05-15 |
US9767296B2 US9767296B2 (en) | 2017-09-19 |
Family
ID=50683111
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/160,603 Active US9767296B2 (en) | 2012-04-02 | 2014-01-22 | Requesting access to restricted objects by a remote computer |
Country Status (1)
Country | Link |
---|---|
US (1) | US9767296B2 (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11321101B2 (en) * | 2019-07-10 | 2022-05-03 | Vmware, Inc. | Deployment and isolation of plugins in a virtualized computing environment |
Citations (71)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030037119A1 (en) * | 1997-11-14 | 2003-02-20 | National Instruments Corporation | Graphical programming system and method including nodes for programmatically accessing data sources and targets |
US20040068524A1 (en) * | 2002-04-03 | 2004-04-08 | Aboulhosn Amir L. | Peer-to-peer file sharing |
US20040172396A1 (en) * | 2001-05-17 | 2004-09-02 | Marko Vanska | Remotely granting access to a smart environment |
US20050138104A1 (en) * | 2003-10-20 | 2005-06-23 | Henry Houh | Computer language interpretation and optimization for server testing |
US20050192822A1 (en) * | 2003-03-25 | 2005-09-01 | Hartenstein Mark A. | Systems and methods for managing affiliations |
US20050232423A1 (en) * | 2004-04-20 | 2005-10-20 | Microsoft Corporation | Abstractions and automation for enhanced sharing and collaboration |
US20050251500A1 (en) * | 1999-03-03 | 2005-11-10 | Vahalia Uresh K | File server system providing direct data sharing between clients with a server acting as an arbiter and coordinator |
US20060064394A1 (en) * | 2004-09-17 | 2006-03-23 | International Business Machines Corporation | Method for handling changing and disappearing online references to research information |
US20060080278A1 (en) * | 2004-10-08 | 2006-04-13 | Neiditsch Gerard D | Automated paperless file management |
US20060206464A1 (en) * | 1999-11-18 | 2006-09-14 | Sony Corporation | Document processing system |
US20060224735A1 (en) * | 2005-03-31 | 2006-10-05 | International Business Machines Corporation | Access validation and management of access permissions to referenced shared resources in a networked environment |
US20060259585A1 (en) * | 2005-05-10 | 2006-11-16 | International Business Machines Corporation | Enabling user selection of web page position download priority during a download |
US20070130166A1 (en) * | 2005-12-01 | 2007-06-07 | Canon Kabushiki Kaisha | Information processing apparatus, server apparatus file processing method, storage medium, and program |
US20070199025A1 (en) * | 2006-02-17 | 2007-08-23 | Angiolillo Joel S | Systems and methods for providing a shared folder via television |
US20070214144A1 (en) * | 2001-04-26 | 2007-09-13 | Lawson Robert J | System and method for managing user profiles |
US20070244899A1 (en) * | 2006-04-14 | 2007-10-18 | Yakov Faitelson | Automatic folder access management |
US20070282802A1 (en) * | 2006-05-09 | 2007-12-06 | International Business Machines Corporation | System, method and program to manage alternate bookmarks |
US7308498B1 (en) * | 2003-02-13 | 2007-12-11 | Microsoft Corporation | System and method for automating a request for access to a restricted computer accessible resource |
US20080034437A1 (en) * | 1999-10-14 | 2008-02-07 | Drm Technologies, Llc | Controlling access to electronic content |
US20080040653A1 (en) * | 2006-08-14 | 2008-02-14 | Christopher Levine | System and methods for managing presentation and behavioral use of web display content |
US20080109912A1 (en) * | 2006-11-08 | 2008-05-08 | Citrix Systems, Inc. | Method and system for dynamically associating access rights with a resource |
US20080126232A1 (en) * | 2006-11-28 | 2008-05-29 | Kevin Lee | System and method for routing Internet transactions from within an organizational network |
US20080148310A1 (en) * | 2006-12-14 | 2008-06-19 | Verizon Services Corp. | Parental controls in a media network |
US20080201450A1 (en) * | 2007-02-20 | 2008-08-21 | Paul Bong | Owner controlled access to shared data resource |
US20080235760A1 (en) * | 2006-05-02 | 2008-09-25 | International Business Machines Corporation | Confidential Content Reporting System and Method with Electronic Mail Verification Functionality |
US20080256458A1 (en) * | 2007-04-02 | 2008-10-16 | Siemens Medical Solutions Usa, Inc. | Data Access Control System for Shared Directories and Other Resources |
US20080294641A1 (en) * | 2003-01-17 | 2008-11-27 | The Board Of Trustees Of The Leland Stanford Junior University | Methods and apparatus for storing, organizing, and sharing multimedia objects and documents |
US20090150169A1 (en) * | 2007-05-17 | 2009-06-11 | Unlimited Cad Services, Llc | Document acquisition and authentication system |
US20090157772A1 (en) * | 2002-07-11 | 2009-06-18 | Joaquin Picon | System for extending the file system api |
US20090164271A1 (en) * | 2007-12-21 | 2009-06-25 | Johnson Bradley G | System and Method for Tracking Syndication of Internet Content |
US20090228716A1 (en) * | 2008-02-08 | 2009-09-10 | Pado Metawsre Ab | Method and system for distributed coordination of access to digital files |
US20090228919A1 (en) * | 2007-11-16 | 2009-09-10 | Zott Joseph A | Media playlist management and viewing remote control |
US20090282062A1 (en) * | 2006-10-19 | 2009-11-12 | Dovetail Software Corporation Limited | Data protection and management |
US20090293105A1 (en) * | 2004-03-23 | 2009-11-26 | Yasutaka Urakawa | Access control system and access control method |
US20090307775A1 (en) * | 2004-12-30 | 2009-12-10 | Ebay Inc. | Identifying fraudulent activities and the perpetrators thereof |
US20100010998A1 (en) * | 2008-07-09 | 2010-01-14 | The Go Daddy Group, Inc. | Document storage access on a time-based approval basis |
US20100011448A1 (en) * | 2008-07-09 | 2010-01-14 | The Go Daddy Group, Inc. | Maintaining contact with a document storage file owner |
US20100024011A1 (en) * | 2008-07-28 | 2010-01-28 | Canon Kabushiki Kaisha | Document management system and document management method |
US20100106765A1 (en) * | 2008-10-20 | 2010-04-29 | Hitachi, Ltd. | Information providing method and system therefor |
US20100153483A1 (en) * | 2008-12-11 | 2010-06-17 | Sap Ag | Displaying application content in synchronously opened window |
US20100161993A1 (en) * | 2006-10-25 | 2010-06-24 | Darcy Mayer | Notary document processing and storage system and methods |
US20100262624A1 (en) * | 2009-04-14 | 2010-10-14 | Microsoft Corporation | Discovery of inaccessible computer resources |
US20110010134A1 (en) * | 2009-07-08 | 2011-01-13 | Graphisoft | Active building information modeling apparatus and method |
US20110040980A1 (en) * | 2009-08-12 | 2011-02-17 | Apple Inc. | File Management Safe Deposit Box |
US20110055207A1 (en) * | 2008-08-04 | 2011-03-03 | Liveperson, Inc. | Expert Search |
US20110061111A1 (en) * | 2009-09-09 | 2011-03-10 | Yakov Faitelson | Access permissions entitlement review |
US20110072520A1 (en) * | 2003-08-23 | 2011-03-24 | Softex Incorporated | System And Method For Protecting Files Stored On An Electronic Device |
US20110134471A1 (en) * | 2009-12-09 | 2011-06-09 | Canon Kabushiki Kaisha | Document management system, document management method, and storage medium |
US20110161091A1 (en) * | 2009-12-24 | 2011-06-30 | Vertical Acuity, Inc. | Systems and Methods for Connecting Entities Through Content |
US20110162040A1 (en) * | 2009-01-23 | 2011-06-30 | Randall Stephens | Owner Controlled Transmitted File Protection and Access Control System and Method |
US20110184989A1 (en) * | 2009-09-09 | 2011-07-28 | Yakov Faitelson | Automatic resource ownership assignment systems and methods |
US20110247081A1 (en) * | 2010-03-30 | 2011-10-06 | Private Access, Inc. | System and method for selectively redacting information in electronic documents |
US20110252375A1 (en) * | 2010-04-07 | 2011-10-13 | Imran Chaudhri | Device, Method, and Graphical User Interface for Managing Folders |
US20110282788A1 (en) * | 2010-05-12 | 2011-11-17 | Bank Of America Corporation | Anonymous Electronic Payment System |
US20110302210A1 (en) * | 2010-05-26 | 2011-12-08 | Gelu Comanescu | System and methods for keeping information and data for proving authorship and priority of ideas, creations, inventions, explanations, declarations, factual assertions and others; for keeping personal documents securely and confidentially; for securing evidence for legal proceedings; and for delivering messages and documents to parties. |
US20110307695A1 (en) * | 2010-06-14 | 2011-12-15 | Salesforce.Com, Inc. | Methods and systems for providing a secure online feed in a multi-tenant database environment |
US20120131686A1 (en) * | 2004-07-08 | 2012-05-24 | Hank Risan | Method and system for preventing unauthorized reproduction of electronic media |
US20120150989A1 (en) * | 2010-12-14 | 2012-06-14 | Microsoft Corporation | Link Expansion Service |
US20120173981A1 (en) * | 2010-12-02 | 2012-07-05 | Day Alexandrea L | Systems, devices and methods for streaming multiple different media content in a digital container |
US20120179541A1 (en) * | 2011-01-12 | 2012-07-12 | Scentara Oy Ab | System and method for providing advertisement in web sites |
US20120221561A1 (en) * | 2011-02-28 | 2012-08-30 | Hsbc Bank Plc | Computer system, database and uses thereof |
US20120278386A1 (en) * | 2011-04-29 | 2012-11-01 | International Business Machines Corporation | Asset sharing within an enterprise using a peer-to-peer network |
US20120304306A1 (en) * | 2011-04-06 | 2012-11-29 | Tata Consultancy Services Limited | System for enterprise digital rights management |
US20120331481A1 (en) * | 2011-06-22 | 2012-12-27 | Faludi Gabor | Interaction between applications built on different user interface technologies |
US20130212650A1 (en) * | 2012-02-14 | 2013-08-15 | Sky Socket, Llc | Distribution of variably secure resources in a networked environment |
US20130226970A1 (en) * | 2012-02-28 | 2013-08-29 | Software Ag | Systems and/or methods for automatically deriving web service permissions based on xml structure permissions |
US20130239014A1 (en) * | 2012-03-07 | 2013-09-12 | Salesforce.Com, Inc. | File transfer methodology for a desktop sharing system |
US20130246901A1 (en) * | 2012-03-19 | 2013-09-19 | Litera Technologies, LLC. | System and method for synchronizing bi-directional document management |
US20130263275A1 (en) * | 2012-04-02 | 2013-10-03 | Varonis Systems, Inc. | Method and apparatus for requesting access to files |
US20140244829A1 (en) * | 2013-02-27 | 2014-08-28 | Google Inc. | Determining Duration of Idleness or Abandonment of Resources and Property |
US8938669B1 (en) * | 2011-03-15 | 2015-01-20 | Google Inc. | Inline user addressing in chat and document editing sessions |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100175113A1 (en) | 2009-01-05 | 2010-07-08 | International Business Machine Corporation | Secure System Access Without Password Sharing |
-
2014
- 2014-01-22 US US14/160,603 patent/US9767296B2/en active Active
Patent Citations (72)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030037119A1 (en) * | 1997-11-14 | 2003-02-20 | National Instruments Corporation | Graphical programming system and method including nodes for programmatically accessing data sources and targets |
US20050251500A1 (en) * | 1999-03-03 | 2005-11-10 | Vahalia Uresh K | File server system providing direct data sharing between clients with a server acting as an arbiter and coordinator |
US20080034437A1 (en) * | 1999-10-14 | 2008-02-07 | Drm Technologies, Llc | Controlling access to electronic content |
US20060206464A1 (en) * | 1999-11-18 | 2006-09-14 | Sony Corporation | Document processing system |
US20070214144A1 (en) * | 2001-04-26 | 2007-09-13 | Lawson Robert J | System and method for managing user profiles |
US20040172396A1 (en) * | 2001-05-17 | 2004-09-02 | Marko Vanska | Remotely granting access to a smart environment |
US20040068524A1 (en) * | 2002-04-03 | 2004-04-08 | Aboulhosn Amir L. | Peer-to-peer file sharing |
US20090157772A1 (en) * | 2002-07-11 | 2009-06-18 | Joaquin Picon | System for extending the file system api |
US20080294641A1 (en) * | 2003-01-17 | 2008-11-27 | The Board Of Trustees Of The Leland Stanford Junior University | Methods and apparatus for storing, organizing, and sharing multimedia objects and documents |
US7308498B1 (en) * | 2003-02-13 | 2007-12-11 | Microsoft Corporation | System and method for automating a request for access to a restricted computer accessible resource |
US20050192822A1 (en) * | 2003-03-25 | 2005-09-01 | Hartenstein Mark A. | Systems and methods for managing affiliations |
US20110072520A1 (en) * | 2003-08-23 | 2011-03-24 | Softex Incorporated | System And Method For Protecting Files Stored On An Electronic Device |
US20050138104A1 (en) * | 2003-10-20 | 2005-06-23 | Henry Houh | Computer language interpretation and optimization for server testing |
US20090293105A1 (en) * | 2004-03-23 | 2009-11-26 | Yasutaka Urakawa | Access control system and access control method |
US20050232423A1 (en) * | 2004-04-20 | 2005-10-20 | Microsoft Corporation | Abstractions and automation for enhanced sharing and collaboration |
US20120131686A1 (en) * | 2004-07-08 | 2012-05-24 | Hank Risan | Method and system for preventing unauthorized reproduction of electronic media |
US20060064394A1 (en) * | 2004-09-17 | 2006-03-23 | International Business Machines Corporation | Method for handling changing and disappearing online references to research information |
US20060080278A1 (en) * | 2004-10-08 | 2006-04-13 | Neiditsch Gerard D | Automated paperless file management |
US20090307775A1 (en) * | 2004-12-30 | 2009-12-10 | Ebay Inc. | Identifying fraudulent activities and the perpetrators thereof |
US20060224735A1 (en) * | 2005-03-31 | 2006-10-05 | International Business Machines Corporation | Access validation and management of access permissions to referenced shared resources in a networked environment |
US20060259585A1 (en) * | 2005-05-10 | 2006-11-16 | International Business Machines Corporation | Enabling user selection of web page position download priority during a download |
US20070130166A1 (en) * | 2005-12-01 | 2007-06-07 | Canon Kabushiki Kaisha | Information processing apparatus, server apparatus file processing method, storage medium, and program |
US20070199025A1 (en) * | 2006-02-17 | 2007-08-23 | Angiolillo Joel S | Systems and methods for providing a shared folder via television |
US20070244899A1 (en) * | 2006-04-14 | 2007-10-18 | Yakov Faitelson | Automatic folder access management |
US20080235760A1 (en) * | 2006-05-02 | 2008-09-25 | International Business Machines Corporation | Confidential Content Reporting System and Method with Electronic Mail Verification Functionality |
US20070282802A1 (en) * | 2006-05-09 | 2007-12-06 | International Business Machines Corporation | System, method and program to manage alternate bookmarks |
US20080040653A1 (en) * | 2006-08-14 | 2008-02-14 | Christopher Levine | System and methods for managing presentation and behavioral use of web display content |
US20090282062A1 (en) * | 2006-10-19 | 2009-11-12 | Dovetail Software Corporation Limited | Data protection and management |
US20100161993A1 (en) * | 2006-10-25 | 2010-06-24 | Darcy Mayer | Notary document processing and storage system and methods |
US20080109912A1 (en) * | 2006-11-08 | 2008-05-08 | Citrix Systems, Inc. | Method and system for dynamically associating access rights with a resource |
US20080126232A1 (en) * | 2006-11-28 | 2008-05-29 | Kevin Lee | System and method for routing Internet transactions from within an organizational network |
US20080148310A1 (en) * | 2006-12-14 | 2008-06-19 | Verizon Services Corp. | Parental controls in a media network |
US8190754B2 (en) * | 2006-12-14 | 2012-05-29 | Verizon Patent And Licensing Inc. | Parental controls in a media network |
US20080201450A1 (en) * | 2007-02-20 | 2008-08-21 | Paul Bong | Owner controlled access to shared data resource |
US20080256458A1 (en) * | 2007-04-02 | 2008-10-16 | Siemens Medical Solutions Usa, Inc. | Data Access Control System for Shared Directories and Other Resources |
US20090150169A1 (en) * | 2007-05-17 | 2009-06-11 | Unlimited Cad Services, Llc | Document acquisition and authentication system |
US20090228919A1 (en) * | 2007-11-16 | 2009-09-10 | Zott Joseph A | Media playlist management and viewing remote control |
US20090164271A1 (en) * | 2007-12-21 | 2009-06-25 | Johnson Bradley G | System and Method for Tracking Syndication of Internet Content |
US20090228716A1 (en) * | 2008-02-08 | 2009-09-10 | Pado Metawsre Ab | Method and system for distributed coordination of access to digital files |
US20100011448A1 (en) * | 2008-07-09 | 2010-01-14 | The Go Daddy Group, Inc. | Maintaining contact with a document storage file owner |
US20100010998A1 (en) * | 2008-07-09 | 2010-01-14 | The Go Daddy Group, Inc. | Document storage access on a time-based approval basis |
US20100024011A1 (en) * | 2008-07-28 | 2010-01-28 | Canon Kabushiki Kaisha | Document management system and document management method |
US20110055207A1 (en) * | 2008-08-04 | 2011-03-03 | Liveperson, Inc. | Expert Search |
US20100106765A1 (en) * | 2008-10-20 | 2010-04-29 | Hitachi, Ltd. | Information providing method and system therefor |
US20100153483A1 (en) * | 2008-12-11 | 2010-06-17 | Sap Ag | Displaying application content in synchronously opened window |
US20110162040A1 (en) * | 2009-01-23 | 2011-06-30 | Randall Stephens | Owner Controlled Transmitted File Protection and Access Control System and Method |
US20100262624A1 (en) * | 2009-04-14 | 2010-10-14 | Microsoft Corporation | Discovery of inaccessible computer resources |
US20110010134A1 (en) * | 2009-07-08 | 2011-01-13 | Graphisoft | Active building information modeling apparatus and method |
US20110040980A1 (en) * | 2009-08-12 | 2011-02-17 | Apple Inc. | File Management Safe Deposit Box |
US20110061111A1 (en) * | 2009-09-09 | 2011-03-10 | Yakov Faitelson | Access permissions entitlement review |
US20110184989A1 (en) * | 2009-09-09 | 2011-07-28 | Yakov Faitelson | Automatic resource ownership assignment systems and methods |
US20110134471A1 (en) * | 2009-12-09 | 2011-06-09 | Canon Kabushiki Kaisha | Document management system, document management method, and storage medium |
US20110161091A1 (en) * | 2009-12-24 | 2011-06-30 | Vertical Acuity, Inc. | Systems and Methods for Connecting Entities Through Content |
US20110247081A1 (en) * | 2010-03-30 | 2011-10-06 | Private Access, Inc. | System and method for selectively redacting information in electronic documents |
US20110252375A1 (en) * | 2010-04-07 | 2011-10-13 | Imran Chaudhri | Device, Method, and Graphical User Interface for Managing Folders |
US20110282788A1 (en) * | 2010-05-12 | 2011-11-17 | Bank Of America Corporation | Anonymous Electronic Payment System |
US20110302210A1 (en) * | 2010-05-26 | 2011-12-08 | Gelu Comanescu | System and methods for keeping information and data for proving authorship and priority of ideas, creations, inventions, explanations, declarations, factual assertions and others; for keeping personal documents securely and confidentially; for securing evidence for legal proceedings; and for delivering messages and documents to parties. |
US20110307695A1 (en) * | 2010-06-14 | 2011-12-15 | Salesforce.Com, Inc. | Methods and systems for providing a secure online feed in a multi-tenant database environment |
US20120173981A1 (en) * | 2010-12-02 | 2012-07-05 | Day Alexandrea L | Systems, devices and methods for streaming multiple different media content in a digital container |
US20120150989A1 (en) * | 2010-12-14 | 2012-06-14 | Microsoft Corporation | Link Expansion Service |
US20120179541A1 (en) * | 2011-01-12 | 2012-07-12 | Scentara Oy Ab | System and method for providing advertisement in web sites |
US20120221561A1 (en) * | 2011-02-28 | 2012-08-30 | Hsbc Bank Plc | Computer system, database and uses thereof |
US8938669B1 (en) * | 2011-03-15 | 2015-01-20 | Google Inc. | Inline user addressing in chat and document editing sessions |
US20120304306A1 (en) * | 2011-04-06 | 2012-11-29 | Tata Consultancy Services Limited | System for enterprise digital rights management |
US20120278386A1 (en) * | 2011-04-29 | 2012-11-01 | International Business Machines Corporation | Asset sharing within an enterprise using a peer-to-peer network |
US20120331481A1 (en) * | 2011-06-22 | 2012-12-27 | Faludi Gabor | Interaction between applications built on different user interface technologies |
US20130212650A1 (en) * | 2012-02-14 | 2013-08-15 | Sky Socket, Llc | Distribution of variably secure resources in a networked environment |
US20130226970A1 (en) * | 2012-02-28 | 2013-08-29 | Software Ag | Systems and/or methods for automatically deriving web service permissions based on xml structure permissions |
US20130239014A1 (en) * | 2012-03-07 | 2013-09-12 | Salesforce.Com, Inc. | File transfer methodology for a desktop sharing system |
US20130246901A1 (en) * | 2012-03-19 | 2013-09-19 | Litera Technologies, LLC. | System and method for synchronizing bi-directional document management |
US20130263275A1 (en) * | 2012-04-02 | 2013-10-03 | Varonis Systems, Inc. | Method and apparatus for requesting access to files |
US20140244829A1 (en) * | 2013-02-27 | 2014-08-28 | Google Inc. | Determining Duration of Idleness or Abandonment of Resources and Property |
Also Published As
Publication number | Publication date |
---|---|
US9767296B2 (en) | 2017-09-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11086692B2 (en) | Multiplatform management system and method for mobile devices | |
US20140258828A1 (en) | Pick-and-place webform autofill | |
US20080256458A1 (en) | Data Access Control System for Shared Directories and Other Resources | |
US20170359701A1 (en) | Sticker distribution system for messaging apps | |
US8083135B2 (en) | Information card overlay | |
US8271387B2 (en) | Method and apparatus for providing limited access to data objects or files within an electronic software delivery and management system | |
CN111695156A (en) | Service platform access method, device, equipment and storage medium | |
US20110271201A1 (en) | Decentralized Contextual Collaboration Across Heterogeneous Environments | |
US20030156132A1 (en) | Method and apparatus for generating a graphical interface to enable local or remote access to an application having a command line interface | |
US10643004B2 (en) | Techniques for enabling a software application to access files at a computing device while enforcing privacy measures | |
CN108292350A (en) | That supports Syndicating search is automatically brought into operation detection to protected field | |
CN111857498B (en) | Data interaction method and device and electronic equipment | |
US9767296B2 (en) | Requesting access to restricted objects by a remote computer | |
US9747459B2 (en) | Method and apparatus for requesting access to files | |
US20210006553A1 (en) | Personal data application and personal data application control method | |
WO2023246723A1 (en) | Object access method and apparatus, and electronic device, storage medium and program product | |
EP2834954A1 (en) | A method and apparatus for requesting access to files | |
JP6544871B2 (en) | Information display method, terminal, and server | |
CN112580065A (en) | Data query method and device | |
CN115016870A (en) | Task creation method and device, electronic equipment and storage medium | |
CN114489414A (en) | File processing method and device | |
Ma et al. | OpenID connect as a security service in Cloud-based diagnostic imaging systems | |
US20130239027A1 (en) | Apparatus and method for generating wiki previews | |
CN116521488B (en) | Metadata-based self-defined document tracing method, device, equipment and medium | |
CN107180174A (en) | Pass code for computing device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: VARONIS SYSTEMS, INC., NEW YORK Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:FAITELSON, YAKOV;KORKUS, OHAD;BASS, DAVID;SIGNING DATES FROM 20131218 TO 20140122;REEL/FRAME:032014/0472 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 4 |